You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/container-apps/key-vault-certificates-manage.md
+14-5Lines changed: 14 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ services: container-apps
5
5
author: craigshoemaker
6
6
ms.service: container-apps
7
7
ms.topic: how-to
8
-
ms.date: 04/23/2024
8
+
ms.date: 05/08/2024
9
9
ms.author: cshoe
10
10
---
11
11
@@ -29,16 +29,25 @@ You can set up Azure Key Vault to manage your container app's certificates to ha
29
29
az extension add --name containerapp --upgrade`
30
30
```
31
31
32
-
## Enable managed identity
32
+
- [Managed identity](./managed-identity.md): Enable managed identity on your Container Apps environment.
33
+
34
+
## Secret configuration
33
35
34
36
An [Azure Key Vault](/azure/key-vault/general/manage-with-cli2) instance is required to store your certificate. Make the following updates to your Key Vault instance:
35
37
36
-
1. Open the [Azure portal](https://portal.azure.com) and find your instance of Azure Key Vault.
38
+
1. Open the [Azure portal](https://portal.azure.com).
39
+
40
+
1. Go to your Azure Container Apps environment.
37
41
38
-
1. Edit the Identity Access Management (IAM) access control and set yourself as a *Key Vault Administrator*.
42
+
1. From *Settings*, select Access control (IAM).
43
+
44
+
1. From the *Roles* tab, and set yourself as a *Key Vault Administrator*.
39
45
40
46
1. Go to your certificate's details and copy the value for *Secret Identifier* and paste it into a text editor for use in an upcoming step.
41
47
48
+
> [!NOTE]
49
+
> The secret identifier with a version suffix only attempts to get a certificate from the specified version. If you are using a secret identifier without a version suffix, it uses the latest version.
50
+
42
51
## Assign roles
43
52
44
53
1. Open the [Azure portal](https://portal.azure.com) and find your instance of your Azure Container Apps environment where you want to import a certificate.
@@ -47,7 +56,7 @@ An [Azure Key Vault](/azure/key-vault/general/manage-with-cli2) instance is requ
47
56
48
57
## Import a certificate
49
58
50
-
Once you authorize your container app to read the vault, you can use the `az containerapp env certificate upload` command to associate your vault with your Container Apps environment.
59
+
Once you authorize your container app to read the vault, you can use the `az containerapp env certificate upload` command to import your vault to your Container Apps environment.
51
60
52
61
Before you run the following command, replace the placeholder tokens surrounded by `<>` brackets with your own values.
0 commit comments